<?php
include_once '../includes/common.php';
if(isset($_GET['act']) && $_GET['act']=='reg'){
    $user = trim(htmlspecialchars(strip_tags(daddslashes($_POST['user']))));
    $pwd = trim(htmlspecialchars(strip_tags(daddslashes($_POST['pwd']))));
    $qq = trim(daddslashes($_POST['qq']));
    $email = trim(daddslashes($_POST['email']));
    $code = trim(daddslashes($_POST['code']));
    $upuid=1;
    if($conf['invite_rebate_open']==1){
        $invitecode = daddslashes($_POST['invitecode']);
        if($invitecode){
            $invite=$DB->get_row("SELECT * FROM authguao_user WHERE invitecode='".$invitecode."' limit 1");
            if (!$invite) {
                exit('{"code":-1,"msg":"邀请码错误或者邀请码不存在！"}');
            } else {
                $upuid=$invite['uid'];
            }
        }
    }
    $geetest_challenge = isset($_POST['geetest_challenge'])?$_POST['geetest_challenge']:null;
    $geetest_validate = isset($_POST['geetest_validate'])?$_POST['geetest_validate']:null;
    $geetest_seccode = isset($_POST['geetest_seccode'])?$_POST['geetest_seccode']:null;
    if (!preg_match('/^[a-zA-Z0-9]+$/',$user)) {
        exit('{"code":-1,"msg":"用户名只能为英文或数字！"}');
    } else if ($DB->get_row("SELECT * FROM authguao_user WHERE user='{$user}' limit 1")) {
        exit('{"code":-1,"msg":"用户名已存在！"}');
    } else if ($DB->get_row("SELECT * FROM authguao_user WHERE qq='{$qq}' limit 1")) {
        exit('{"code":-1,"msg":"QQ已存在！"}');
    } else if ($DB->get_row("SELECT * FROM authguao_user WHERE email='{$email}' limit 1")) {
        exit('{"code":-1,"msg":"邮箱已存在！"}');
    } else if (strlen($pwd) < 6) {
        exit('{"code":-1,"msg":"密码不能低于6位"}');
    } else if (strlen($qq) < 5 || !preg_match('/^[0-9]+$/',$qq)) {
        exit('{"code":-1,"msg":"QQ格式不正确！"}');
    } else if(!preg_match('/^[A-z0-9._-]+@[A-z0-9._-]+\.[A-z0-9._-]+$/', $email)){
        exit('{"code":-1,"msg":"请输入正确的邮箱！"}');
    } else if ($pwd == $user) {
        exit('{"code":-1,"msg":"用户名和密码不能相同！"}');
    } else if ($pwd == $email) {
        exit('{"code":-1,"msg":"密码和邮箱不能相同！"}');
    }
    $coderow=$DB->get_row("select * from authguao_code where code='".$code."' and hm='".$email."' order by id desc limit 1");
    if($conf['captcha_open_reg']==1 && $conf['captcha_open']==1){
        if(isset($_POST['geetest_challenge']) && isset($_POST['geetest_validate']) && isset($_POST['geetest_seccode'])){
            require_once SYSTEM_ROOT.'class.geetestlib.php';
            $GtSdk = new GeetestLib($conf['captcha_id'], $conf['captcha_key']);

            $data = array(
                'user_id' => $cookiesid,
                'client_type' => "web",
                'ip_address' => $clientip
            );

            if ($_SESSION['gtserver'] == 1) {   //服务器正常
                $result = $GtSdk->success_validate($_POST['geetest_challenge'], $_POST['geetest_validate'], $_POST['geetest_seccode'], $data);
                if ($result) {
                    //echo '{"status":"success"}';
                } else{
                    exit('{"code":-1,"msg":"验证失败，请重新验证"}');
                }
            }else{  //服务器宕机,走failback模式
                if ($GtSdk->fail_validate($_POST['geetest_challenge'],$_POST['geetest_validate'],$_POST['geetest_seccode'])) {
                    //echo '{"status":"success"}';
                }else{
                    exit('{"code":-1,"msg":"验证失败，请重新验证"}');
                }
            }
        }else{
            exit('{"code":2,"type":1,"msg":"请先完成验证"}');
        }
    }elseif($conf['captcha_open_reg']==1 && $conf['captcha_open']==2){
        if(isset($_POST['token'])){
            require_once SYSTEM_ROOT.'class.dingxiang.php';
            $client = new CaptchaClient($conf['captcha_id'], $conf['captcha_key']);
            $client->setTimeOut(2);
            $response = $client->verifyToken($_POST['token']);
            if($response->result){
                /**token验证通过，继续其他流程**/
            }else{
                /**token验证失败**/
                exit('{"code":-1,"msg":"验证失败，请重新验证"}');
            }
        }else{
            exit('{"code":2,"type":2,"appid":"'.$conf['captcha_id'].'","msg":"请先完成验证"}');
        }
    }elseif($conf['captcha_open_reg']==1 && $conf['captcha_open']==3){
        if(isset($_POST['token'])){
            if(vaptcha_verify($conf['captcha_id'], $conf['captcha_key'], $_POST['token'], $clientip)){
                /**token验证通过，继续其他流程**/
            }else{
                /**token验证失败**/
                exit('{"code":-1,"msg":"验证失败，请重新验证"}');
            }
        }else{
            exit('{"code":2,"type":3,"appid":"'.$conf['captcha_id'].'","msg":"请先完成验证"}');
        }
    }
    if (!$code || !$coderow){
        exit('{"code":-1,"msg":"验证码不正确！"}');
    } else if ($coderow['time']<TIMESTAMP-120 || $coderow['status']>0){
        exit('{"code":-1,"msg":"验证码已失效，请重新获取"}');
    }
    $sql="insert into `authguao_user` (`upuid`,`power`,`user`,`pwd`,`rmb`,`qq`,`email`,`invitecode`,`addtime`,`lasttime`,`status`) values ('".$upuid."','0','".$user."','".$pwd."','0','".$qq."','".$email."','".random(8)."','".$date."','".$date."','1')";
    $uid=$DB->insert($sql);
    if($uid){
        if ($conf['user_regtx_open'] == 1) {
            $title = $conf['sitename'] . "-用户注册成功通知！";
            $text = "恭喜您注册成功</br>账号：".$user."</br>密码：".$pwd."";
            $msg = youfas($title,$text);
            $result = send_mail($email, $title, $msg);
        }
        if($conf['invite_rebate_open']==1){
            if ($invitecode) {
                if ($invite && $invite['uid'] > 1) {
                    addInviteLog($invite["uid"], $qq, 4, $conf['invite_money'], "你邀请用户UID：".$uid."注册成功获得" . $conf['invite_money'] . "元奖励");
                }
            }
        }
        $session=md5($user.$pwd.$password_hash);
        $expiretime=TIMESTAMP+604800;
        $token=authcode("{$uid}\t{$session}\t{$expiretime}", 'ENCODE', SYS_KEY);
        setcookie("user_auth_token", $token, TIMESTAMP + 604800, '/user');
        log_result($uid, '用户登录', '用户:'.$user, 'IP:'.$clientip, '地点:'.$city);
        $DB->query("update `authguao_code` set `status` ='1' where `id`='{$coderow['id']}'");
        $name=qqname($userrow['qq']);
        exit('{"code":0,"msg":"succ","qq":"'.$userrow['qq'].'","name":"'.$name.'"}');
    }else{
        exit('{"code":-1,"msg":"注册用户失败！'.$DB->error().'"}');
    }
}elseif(isset($_GET['act']) && $_GET['act']=='sendcode'){
    $email=daddslashes($_POST['email']);
    if(isset($_SESSION['user_reg_mail']) && $_SESSION['user_reg_mail']>TIMESTAMP-60){
        exit('{"code":-1,"msg":"请1分钟后在发送验证码！"}');
    }
    $row = $DB->get_row("SELECT * FROM authguao_user WHERE email='".$email."' limit 1");
    if($row){
        exit('{"code":-1,"msg":"此邮箱已是授权商,禁止注册！"}');
    }
    $rows=$DB->get_row("select * from authguao_code where hm='".$email."' order by id desc limit 1");
    if($rows['time']>TIMESTAMP-120){
        exit('{"code":-1,"msg":"两次发送邮件之间需要相隔120秒！"}');
    }
    $count=$DB->count("select count(*) from authguao_code where hm='".$email."' and time>'".(TIMESTAMP-3600*24)."'");
    if($count>$conf['mail_count']){
        exit('{"code":-1,"msg":"该邮箱发送次数过多，请更换邮箱！"}');
    }
    $count=$DB->count("select count(*) from authguao_code where ip='".$clientip."' and time>'".(TIMESTAMP-3600*24)."'");
    if($count>$conf['mail_countday']){
        exit('{"code":-1,"msg":"你今天发送次数过多，已被禁止接收验证码！"}');
    }
    $sub = $conf['sitename'].' - 登录验证码获取';
    $code = rand(1111111,9999999);//6位随机验证码
    $text = '您的验证码是：'.$code;//发送的信息
    $msg = youfas($sub,$text);
    send_mail($email, $sub, $msg);
    if($DB->query("insert into `authguao_code` (`title`,`code`,`hm`,`time`,`date`,`ip`,`status`) values ('用户注册验证码','".$code."','".$email."','".TIMESTAMP."','".$date."','".$clientip."','0')")){
        $_SESSION['user_reg_mail']=TIMESTAMP;
        exit('{"code":0,"msg":"发送验证码成功,请进入QQ邮箱查看！"}');
    }else{
        exit('{"code":-1,"msg":"发送验证码失败'.$DB->error().'"}');
    }
}elseif($islogin2==1){
    sysmsg("您已登陆！",2,'./',true);
}elseif(!$conf['user_reg_open']){
    sysmsg("未开放新用户注册！",2,'./',true);
}
$title='用户注册';
if($conf['admin_qq']){
    $zzqq=$conf['admin_qq'];
}else{
    $zzqq=$conf['kfqq'];
}
if($conf['invite_rebate_open']==1){
    if(isset($_GET['invitecode'])){
        $invitecode=trim(daddslashes($_GET['invitecode']));
        $invite=$DB->get_row("SELECT * FROM authguao_user WHERE invitecode='".$invitecode."'");
        if(!$invite){
            $invitecode='';
        }
    }
}
?>
<!DOCTYPE html>
<html>
<head>
  <meta charset="utf-8">
  <title><?php echo $title;?> - <?php echo $conf['sitename'];?></title>
  <meta name="renderer" content="webkit">
  <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
  <meta name="viewport" content="width=device-width, initial-scale=1.0, minimum-scale=1.0, maximum-scale=1.0, user-scalable=0">
  <link rel="stylesheet" href="../assets/layui/css/layui.css" media="all">
  <link rel="stylesheet" href="../assets/layui/style/admin.css" media="all">
  <link rel="stylesheet" href="../assets/layui/style/login.css" media="all">
</head>
<style type="text/css">
#LAY-user-login {
    width: 100%;
    height: 100%;
    background-size: 300%;
    animation: bganimation 30s infinite;
    font-family: '@font-face';
}
@font-face {
    font-family: 'Nunito';
    font-style: normal;
    font-weight: 400;
    src: local('Nunito Regular'), local('Nunito-Regular'), url(/assets/fonts/XRXV3I6Li01BKofIOuaBTMnFcQIG.woff2) format('woff2');
    unicode-range: U+0102-0103, U+0110-0111, U+0128-0129, U+0168-0169, U+01A0-01A1, U+01AF-01B0, U+1EA0-1EF9, U+20AB;
}

.FontColor {
    background-image: -webkit-linear-gradient(125deg, #29b9ff, #ff5b40);
    -webkit-background-clip: text;
    -webkit-text-fill-color: transparent;
    text-align: center;
    font-size: 2em;
    height: 3em;
    line-height: 3em;
    color: #745dff;
}
.LoginIcon {color: coral;cursor: pointer;}
.LgoinBtn {background: #76e633;}
.LgoinBtnDe {background: #CCCCCC;}
.visitor {width: 2em;height: 2em;margin: 0em auto;box-shadow: 3px 3px 8px 0px #ccc;border-radius: 30rem;cursor: pointer;margin-top: 0em;}
</style>
<body>
<style>
    @media screen and (max-width: 788px) {
        .nbi {
            width: 94% !important;
            margin-top: -3.5em;
        }
    }
</style>
<div class="layadmin-user-login layadmin-user-display-show" id="LAY-user-login" style="display: none;width: 100%;height: auto;background-image: url(https://bing.ioliu.cn/v1/rand?w=1920&h=1080);-webkit-background-size: cover和-o-background-size: cover;">
  <div class="layadmin-user-login-main nbi" style="background-color: white;border-radius: 0.3em;opacity: 0.9;">
    <a href="/" class="layui-icon layui-icon-left" style="position: absolute;margin: 0.6em;background-image: -webkit-linear-gradient(125deg, #29b9ff, #ff5b40);-webkit-background-clip: text;-webkit-text-fill-color: transparent;"></a>
      <div class="layadmin-user-login-box layadmin-user-login-header">
        <h2 class="FontColor"><?php echo $conf['sitename'];?></h2>
        <p><img src="//q4.qlogo.cn/headimg_dl?dst_uin=<?php echo $zzqq;?>&spec=640" width="18" height="18"/><?php echo $title;?></p>
      </div>
      <div class="layadmin-user-login-box layadmin-user-login-body layui-form">
        <div class="layui-form-item">
          <label class="layadmin-user-login-icon layui-icon layui-icon-username"></label>
          <input type="text" name="user" id="user" lay-verify="required" placeholder="用户名" class="layui-input">
        </div>
        <div class="layui-form-item">
          <label class="layadmin-user-login-icon layui-icon layui-icon-password"></label>
          <input type="password" name="pwd" id="pwd" lay-verify="required" placeholder="密码" class="layui-input">
        </div>
        <div class="layui-form-item">
          <label class="layadmin-user-login-icon layui-icon layui-icon-login-qq"></label>
          <input type="text" name="qq" id="qq" lay-verify="required" placeholder="联系QQ号" class="layui-input">
        </div>
        <div class="layui-form-item">
          <label class="layadmin-user-login-icon layui-icon layui-icon-email"></label>
          <input type="text" name="email" id="email" lay-verify="required" placeholder="邮箱" class="layui-input">
        </div>
        <?php if($conf['invite_rebate_open']==1){?>
        <div class="layui-form-item">
          <label class="layadmin-user-login-icon layui-icon layui-icon-auz"></label>
          <input type="text" name="invitecode" id="invitecode" value="<?php echo $invitecode;?>" lay-verify="required" placeholder="邀请码" class="layui-input">
        </div>
        <?php }?>
        <div class="layui-form-item">
          <div class="layui-row">
            <div class="layui-col-xs7">
              <label class="layadmin-user-login-icon layui-icon layui-icon-vercode"></label>
              <input type="text" name="code" id="code" lay-verify="required" placeholder="邮箱验证码" class="layui-input">
            </div>
            <div class="layui-col-xs5">
              <div style="margin-left: 10px;">
                <span class="layui-btn layui-btn-primary layui-btn-fluid" id="sendcode">获取验证码</span>
              </div>
            </div>
          </div>
        </div>
        <?php if($conf['captcha_open_reg']==1 && $conf['captcha_open']>=1){?>
            <input type="hidden" name="captcha_type" value="<?php echo $conf['captcha_open']?>"/>
            <?php if($conf['captcha_open']>=2){?><input type="hidden" name="appid" value="<?php echo $conf['captcha_id']?>"/><?php }?>
            <div id="captcha" style="margin: auto;"><div id="captcha_text">正在加载验证码</div>
            <div id="captcha_wait">
                <div class="loading">
                    <div class="loading-dot"></div>
                    <div class="loading-dot"></div>
                    <div class="loading-dot"></div>
                    <div class="loading-dot"></div>
                </div>
            </div></div>
            <div id="captchaform"></div>
            <br/>
        <?php }?>
        <button class="layui-btn layui-btn-fluid layui-anim layui-anim-upbit" id="submit_login" style="background-color: #ff7235">注 册</button>
        <div class="layui-trans layui-form-item layadmin-user-login-other"><label>快捷登录</label>
           <a href="./login.php" class="layadmin-user-jump-change layadmin-link">返回登录</a>
           <a href="/" class="layadmin-user-jump-change layadmin-link">返回首页</a>
        </div>
      </div>
    </div>
    <div class="layui-trans layadmin-user-login-footer" style="color: white;">
      <p>© 2020 <a href="/" target="_blank" style="color: white;"><?php echo $conf['sitename'];?></a></p>
    </div>
  </div>
<script src="//lib.baomitu.com/jquery/3.4.1/jquery.min.js"></script>
<script src="//lib.baomitu.com/layer/2.3/layer.js"></script>
<script src="../assets/layui/layui.all.js"></script>
<script>
function invokeSettime(obj){
    var countdown=120;
    settime(obj);
    function settime(obj) {
        if (countdown == 0) {
            $(obj).attr("data-lock", "false");
            $(obj).text("获取验证码");
            countdown = 120;
            return;
        } else {
            $(obj).attr("data-lock", "true");
            $(obj).attr("disabled",true);
            $(obj).text("" + countdown + " s 重发");
            countdown--;
        }
        setTimeout(function() {
            settime(obj) 
        }
        ,1000)
    }
}
$("#sendcode").click(function(){
    if ($(this).attr("data-lock") === "true") return;
    var email=$("input[name='email']").val();
    if(email==''){layer.msg('邮箱不能为空！');return false;}
    var reg = /^([a-zA-Z0-9_-])+@([a-zA-Z0-9_-])+(.[a-zA-Z0-9_-])+/;
    if(!reg.test(email)){layer.msg('邮箱格式不正确！');return false;}
    var ii = layer.load(2, {shade:[0.1,'#fff']});
    $.ajax({
        type : "POST",
        url : "reg.php?act=sendcode",
        data : {email:email},
        dataType : 'json',
        success : function(data) {
            layer.close(ii);
            if(data.code == 0){
                new invokeSettime("#sendcode");
                layer.alert(data.msg, {icon: 1});
            }else{
                layer.alert(data.msg, {icon: 2});
            }
        } 
    });
});
var handlerEmbed = function (captchaObj) {
    captchaObj.appendTo('#captcha');
    captchaObj.onReady(function () {
        $("#captcha_wait").hide();
    }).onSuccess(function () {
        var result = captchaObj.getValidate();
        if (!result) {
            return alert('请完成验证');
        }
        $("#captchaform").html('<input type="hidden" name="geetest_challenge" value="'+result.geetest_challenge+'" /><input type="hidden" name="geetest_validate" value="'+result.geetest_validate+'" /><input type="hidden" name="geetest_seccode" value="'+result.geetest_seccode+'" />');
    });
};
var handlerEmbed2 = function (token) {
    if (!token) {
        return alert('请完成验证');
    }
    $("#captchaform").html('<input type="hidden" name="token" value="'+token+'" />');
};
var handlerEmbed3 = function (vaptchaObj) {
    vaptchaObj.render();
    $('#captcha_text').hide();
    vaptchaObj.listen('pass', function() {
        var token = vaptchaObj.getToken();
        if (!token) {
            return alert('请完成验证');
        }
        $("#captchaform").html('<input type="hidden" name="token" value="'+token+'" />');
    })
};
$(document).ready(function(){
    var captcha_type = $("input[name='captcha_type']").val();
    $("#submit_login").click(function(){
        var user = $("input[name='user']").val();
        var pwd = $("input[name='pwd']").val();
        var qq = $("input[name='qq']").val();
        var email = $("input[name='email']").val();
        var code = $("input[name='code']").val();
        if(user=='' || pwd=='' || qq=='' || email=='' || code==''){
            layer.alert('请确保各项都不能为空！');return false;
        }
        <?php if($conf['invite_open']==1){?>
        var invitecode = $("input[name='invitecode']").val();
        var data = {user:user, pwd:pwd, qq:qq, email:email, code:code, invitecode:invitecode};
        <?php }else{?>
        var data = {user:user, pwd:pwd, qq:qq, email:email, code:code};
        <?php }?>
        if(captcha_type == 1){
            var geetest_challenge = $("input[name='geetest_challenge']").val();
            var geetest_validate = $("input[name='geetest_validate']").val();
            var geetest_seccode = $("input[name='geetest_seccode']").val();
            if(geetest_challenge == undefined){
                layer.alert('请先完成滑动验证！'); return false;
            }
            var adddata = {geetest_challenge:geetest_challenge, geetest_validate:geetest_validate, geetest_seccode:geetest_seccode};
        }else if(captcha_type == 2||captcha_type == 3){
            var token = $("input[name='token']").val();
            if(token == undefined){
                layer.alert('请先完成滑动验证！'); return false;
            }
            var adddata = {token:token};
        }
        var ii = layer.load(2, {shade:[0.1,'#fff']});
        $.ajax({
            type : "POST",
            url : "reg.php?act=reg",
            data : Object.assign(data, adddata),
            dataType : 'json',
            success : function(data) {
                layer.close(ii);
                if(data.code == 0){
                    layer.msg('<center><img src="https://q4.qlogo.cn/g?b=qq&nk='+data.qq+'&s=100" height="60"></center><hr>你好'+data.name+',恭喜您注册成功！', {
                        btn: '进入后台', btnAlign: 'c', end: function (layero, index) {
                            window.location.href = './'
                        }
                    })
                }else{
                    layer.alert(data.msg, {icon: 2});
                }
            } 
        });
    });
    if(captcha_type == 1){
        $.getScript("//static.geetest.com/static/tools/gt.js", function() {
            $.ajax({
                url: "ajax.php?act=captcha&t=" + (new Date()).getTime(),
                type: "get",
                dataType: "json",
                success: function (data) {
                    $('#captcha_text').hide();
                    $('#captcha_wait').show();
                    initGeetest({
                        gt: data.gt,
                        challenge: data.challenge,
                        new_captcha: data.new_captcha,
                        product: "popup",
                        width: "100%",
                        offline: !data.success
                    }, handlerEmbed);
                }
            });
        });
    }else if(captcha_type == 2){
        var appid = $("input[name='appid']").val();
        $.getScript("//cdn.dingxiang-inc.com/ctu-group/captcha-ui/index.js", function() {
            var myCaptcha = _dx.Captcha(document.getElementById('captcha'), {
                appId: appid,
                type: 'basic',
                style: 'oneclick',
                width: "",
                success: handlerEmbed2
            })
            myCaptcha.on('ready', function () {
                $('#captcha_text').hide();
            })
        });
    }else if(captcha_type == 3){
        var appid = $("input[name='appid']").val();
        $.getScript("//v.vaptcha.com/v3.js", function() {
            vaptcha({
                vid: appid,
                type: 'click',
                container: '#captcha',
                offline_server: 'https://management.vaptcha.com/api/v3/demo/offline'
            }).then(handlerEmbed3);
        });
    }
});
function saoma() { //扫码登陆
    layer.open({type: 1, offset: '188px',anim: 6, title: '请先使用QQ手机版扫描二维码',content: '<div class="form-group" style="text-align: center;"><div style="margin-top:1rem;margin-bottom:1rem;color:#666" id="login"><span id="loginmsg">请使用QQ手机版扫描二维码</span><span id="loginload" style="color: #790909;">.</span></div><div id="qrimg"></div></br><div class="list-group-item" id="mobile" style="display:none;"><button type="button" id="mlogin" onclick="mloginurl()" class="layui-btn layui-btn-fluid layui-btn-normal layui-btn-lg">跳转QQ快捷登录</button></div></div><script src="../assets/js/qrlogin.js?ver=<?php echo VERSION ?>"><\/script>'});
}
</script>
</body>
</html>